On packet receive STT verifies the checksum if not done in
hardware. But IP and TCP were pulled before the verification
step. The verification expect to see packet with TCP header.
This causes STT to drop packet in certain cases.
Signed-off-by: Pravin B Shelar <pshe...@ovn.org>
---
datapath/linux/compat/stt.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/datapath/linux/compat/stt.c b/datapath/linux/compat/stt.c
index 5b68577..eb397e8 100644
--- a/datapath/linux/compat/stt.c
+++ b/datapath/linux/compat/stt.c
@@ -1347,6 +1347,7 @@ static void stt_rcv(struct stt_dev *stt_dev, struct
sk_buff *skb)
if (unlikely(!validate_checksum(skb)))
goto drop;
+ __skb_pull(skb, sizeof(struct tcphdr));
skb = reassemble(skb);
if (!skb)
return;
@@ -1490,7 +1491,7 @@ static unsigned int nf_ip_hook(FIRST_PARAM, struct
sk_buff *skb, LAST_PARAM)
if (!stt_dev)
return NF_ACCEPT;
- __skb_pull(skb, ip_hdr_len + sizeof(struct tcphdr));
+ __skb_pull(skb, ip_hdr_len);
stt_rcv(stt_dev, skb);
return NF_STOLEN;
}
--
2.5.0
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
